Vulnerabilities > Apple > Iphone OS > 1.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-09-09 | CVE-2010-1814 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | 6.8 |
| 2010-09-09 | CVE-2010-1813 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | 6.8 |
| 2010-09-09 | CVE-2010-1812 | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | 6.8 |
| 2010-09-09 | CVE-2010-1811 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. | 6.8 |
| 2010-09-09 | CVE-2010-1810 | Unspecified vulnerability in Apple Iphone OS FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate. network apple | 3.5 |
| 2010-09-09 | CVE-2010-1809 | Unspecified vulnerability in Apple Iphone OS The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. | 10.0 |
| 2010-09-09 | CVE-2010-1781 | Resource Management Errors vulnerability in multiple products Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element. | 6.8 |
| 2010-09-07 | CVE-2010-3259 | Information Exposure vulnerability in multiple products WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site. | 4.3 |
| 2010-09-07 | CVE-2010-3257 | USE After Free vulnerability in multiple products Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. | 9.3 |
| 2010-08-24 | CVE-2010-3116 | USE After Free vulnerability in multiple products Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins. | 10.0 |